[ubuntu/quantal-security] keystone 2012.2.4-0ubuntu3.2 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Wed Oct 23 19:23:32 UTC 2013
keystone (2012.2.4-0ubuntu3.2) quantal-security; urgency=low
* SECURITY UPDATE: revoke user tokens when disabling/delete a project
- debian/patches/CVE-2013-4222.patch: add _delete_tokens_for_project() to
common/controller.py and use it in identity/controllers.py
(LP: #1179955)
- CVE-2013-4222
* SECURITY UPDATE: fix and test token revocation list API
- debian/patches/CVE-2013-4294.patch: fix token matching for memcache
backend token revocation (LP: #1202952)
- CVE-2013-4294
Date: 2013-10-22 17:19:14.013177+00:00
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
https://launchpad.net/ubuntu/quantal/+source/keystone/2012.2.4-0ubuntu3.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Quantal-changes
mailing list